Makefile for generating TLS certs for the Prometheus custom metrics API adapter
# modified from https://github.com/stefanprodan/k8s-prom-hpa/blob/617a98c5d921c3413599bbbb1438dfb125e3bd21/Makefile
# Recipes run under bash rather than the default /bin/sh.
SHELL := bash

# Host kernel name, captured once at parse time; gensecret branches on it.
UNAME := $(shell uname)

# Prefix for the throwaway CA files (<PURPOSE>-ca.key, -ca.crt, -ca-config.json).
PURPOSE := custom-metrics-adapter

# Common Name placed in the serving certificate request.
SERVICE_NAME := custom-metrics-apiserver

# Subject alternative names, already quoted and comma-separated because the
# value is spliced verbatim into the JSON "hosts" array of the cfssl request.
ALT_NAMES := "custom-metrics-apiserver.kube-system","custom-metrics-apiserver.kube-system.svc"

# Output manifest. It will contain the serving private key (base64-encoded,
# not encrypted), so treat the file itself as secret material.
SECRET_FILE := custom-metrics-adapter-serving-certs.yml
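.PHONY: certs
# Top-level entry point: build the Secret manifest, then delete the
# intermediate key/cert files.
#
# The cleanup used to be a sibling prerequisite (certs: gensecret rmcerts).
# Nothing ordered rmcerts after gensecret, so under "make -j" the rm could run
# while the keys were still being generated or read. Running it from the
# recipe guarantees it happens only after gensecret has succeeded, and leaves
# the key material on disk for inspection if generation fails.
certs: gensecret
	@$(MAKE) --no-print-directory -f "$(firstword $(MAKEFILE_LIST))" rmcerts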
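.PHONY: gencerts
# Create a throwaway self-signed CA with openssl, then have cfssl issue the
# serving certificate for SERVICE_NAME / ALT_NAMES.
# Outputs: <PURPOSE>-ca.key, <PURPOSE>-ca.crt, <PURPOSE>-ca-config.json,
#          apiserver.pem, apiserver-key.pem, apiserver.csr
#
# Review notes:
#  - The CA key is written unencrypted (-nodes). Both key-producing commands
#    now run under umask 077 so the files are not group/world readable.
#  - The CA is valid for 365 days but the leaf is requested for 43800h
#    (5 years); the chain stops validating when the CA expires, so plan
#    rotation around the shorter lifetime.
#  - NOTE(review): the signing profile lists "signing", "key encipherment" and
#    the PURPOSE string as usages; no "server auth" usage is listed. Confirm
#    the issued certificate carries the usages the consumer expects.
gencerts:
	@echo Generating TLS certs
# Supply chain: "go get -u" builds whatever the upstream default branch holds
# at that moment. Only fall back to it when the tools are missing; prefer
# installing a reviewed, pinned cfssl release out of band
# (e.g. go install <module>@<PINNED_VERSION>).
	@if ! command -v cfssl >/dev/null 2>&1 || ! command -v cfssljson >/dev/null 2>&1; then \
		go get -u github.com/cloudflare/cfssl/cmd/...; \
	fi
	@umask 077 && openssl req -x509 -sha256 -new -nodes -days 365 -newkey rsa:2048 -keyout $(PURPOSE)-ca.key -out $(PURPOSE)-ca.crt -subj "/CN=ca"
	@echo '{"signing":{"default":{"expiry":"43800h","usages":["signing","key encipherment","'$(PURPOSE)'"]}}}' > "$(PURPOSE)-ca-config.json"
# pipefail: without it a cfssl failure is masked by the exit status of
# cfssljson and the build carries on with missing or stale key files.
	@set -o pipefail; umask 077; \
	echo '{"CN":"'$(SERVICE_NAME)'","hosts":[$(ALT_NAMES)],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=$(PURPOSE)-ca.crt -ca-key=$(PURPOSE)-ca.key -config=$(PURPOSE)-ca-config.json - | cfssljson -bare apiserver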
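.PHONY: gensecret
# Render the Kubernetes Secret manifest (SECRET_FILE) that carries the serving
# certificate and its private key under data.serving.crt / data.serving.key.
#
# Changes from the per-OS version:
#  - The manifest is written under umask 077 to a temp file and moved into
#    place, so the private key never sits in a world-readable or half-written
#    file (a plain "> file" redirect inherits the caller's umask).
#  - base64 output is joined with tr instead of branching on uname. The old
#    ifeq pair emitted no data lines at all on anything other than Darwin or
#    Linux, silently producing a Secret with an empty data map.
#  - Missing or empty input files now fail the target instead of yielding
#    empty values.
#
# base64 is an encoding, not encryption: keep SECRET_FILE out of version
# control and remove it once it has been applied.
gensecret: gencerts
	@echo Generating $(SECRET_FILE)
	@set -euo pipefail; umask 077; \
	crt="$$(base64 < apiserver.pem | tr -d '\n')"; \
	key="$$(base64 < apiserver-key.pem | tr -d '\n')"; \
	if [ -z "$$crt" ] || [ -z "$$key" ]; then \
		echo "gensecret: empty certificate or key" >&2; \
		exit 1; \
	fi; \
	{ \
		echo "apiVersion: v1"; \
		echo "kind: Secret"; \
		echo "metadata:"; \
		echo " name: custom-metrics-adapter-serving-certs"; \
		echo " namespace: kube-system"; \
		echo "data:"; \
		printf ' serving.crt: %s\n' "$$crt"; \
		printf ' serving.key: %s\n' "$$key"; \
	} > "$(SECRET_FILE).tmp"; \
	mv -f "$(SECRET_FILE).tmp" "$(SECRET_FILE)"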
.PHONY: rmcerts
# Delete the intermediate files left behind by gencerts: the serving key, CSR
# and certificate, then the CA config, certificate and key.
# SECRET_FILE is not removed here and still holds the serving private key.
# rm only unlinks the files; it does not overwrite their contents.
rmcerts:
	@rm -f $(addprefix apiserver,-key.pem .csr .pem)
	@rm -f $(addprefix $(PURPOSE)-ca,-config.json .crt .key)